CVE-2018-4186

HIGH

Safari < 11.1 - Information Leakage via Private Browsing Download Handling

Title source: llm
STIX 2.1

Description

In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT208695

Scores

CVSS v3 7.5
EPSS 0.0095
EPSS Percentile 56.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
apple/safari < 11.1
Published Jan 11, 2019
Tracked Since Feb 18, 2026